Sysinternals did a so good job at doing it and explaining it, that some source code of old version are still available here for instance, and the code is well documented (imho). It could be a good start as well.

Just use Win32 N.API to get the pid from the File handle. It's a FAQ for 15 years...

Sysinternals Filemon (free) does this, and better yet they describe how they did it:

For the Windows 9x driver, the heart of FileMon is in the virtual device driver, Filevxd.vxd. It is dynamically loaded, and in its initialization it installs a file system filter via the VxD service, IFSMGR_InstallFileSystemApiHook, to insert itself onto the call chain of all file system requests. On Windows NT the heart of FileMon is a file system driver that creates and attaches filter device objects to target file system device objects so that FileMon will see all IRPs and FastIO requests directed at drives. When FileMon sees an open, create or close call, it updates an internal hash table that serves as the mapping between internal file handles and file path names. Whenever it sees calls that are handle based, it looks up the handle in the hash table to obtain the full name for display. If a handle-based access references a file opened before FileMon started, FileMon will fail to find the mapping in its hash table and will simply present the handle's value instead.

-Adam

I would use the "handle.exe" app from Sysinternals.

Or, are you actually trying to do this programmactically?